<?php
if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * -----------------------------------------------------
 *
 * manage login
 *
 * @package     manage
 * @subpackage  
 * @category    login
 * @author      ChenFu
 * @since       2013-12-5 version 1.0       
 * -----------------------------------------------------    
 */
class Login extends CI_Controller
{
	public function __construct()
	{
		parent::__construct();
		$this->load->helper('url');
		// 加载user模型
		$this->load->model('user_model');
		$this->load->model('login_model');
		$this->load->model('role_model');
		// 加载md5类
		$this->load->library('my_md5');
		$this->load->library('session');
	}

	public function index()
	{	
		$this->load->view('admin/login');
	}

	public function login()
	{
		if(!empty($_POST['user_name'])){
			// 记录错误次数（用session记录）
			$login_error = $this->session->userdata('login_error');
			if(empty($login_error)){
				$this->session->set_userdata('login_error',0);
			}else{
				if($login_error >= 3){
					$this->sys_message->show_error('对不起！您登录的次数超过三次，请于20分钟之后重新尝试！');
					return ;
				}
			}
			// 判断验证码是否正确
			if(strtolower($_POST['auth_code']) != strtolower($this->session->userdata('auth_code')))
			{
				$this->sys_message->show_error('验证码错误,请重新输入！');
			    return ;
			}

			// 判断用户是否存在
			$arr_user = $this->user_model->get_username_by_username($_POST['user_name']);
			if(count($arr_user)== 0){
				$login_error++;
				$this->session->set_userdata('login_error',$login_error);
				$this->sys_message->show_error('该用户名不存在，请重新输入！');
			    return ;
			}
			// 判断输入的密码是否正确
			if($this->my_md5->md5_2($_POST['user_password'])!=$this->my_md5->get_md5($arr_user['user_password'])){
				$login_error++;
				$this->session->set_userdata('login_error',$login_error);
				/**
		         * 记录错误【通过登录日志】
		         */ 
		        $_insert['log_user_name'] 	= $_POST['user_name'];
		        $_insert['log_status'] 		= 2;
		        $_insert['log_password'] 	= $_POST['user_password'];
		        $_insert['log_ip']			= $_SERVER['REMOTE_ADDR'];
		        $_insert['log_time']		= date('Y-m-d H:i:s');
		        $this->login_model->insert($_insert);
				$this->sys_message->show_error('密码不准确，请重新输入！');
			    return ;
			}
			
			// 记录session值
			$this->session->set_userdata('system_user_name',$arr_user['user_name']);
			$this->session->set_userdata('system_user_nickname',$arr_user['user_nickname']);
			$this->session->set_userdata('system_user_id',$arr_user['user_id']);

			// 根据用户id查找角色
			$user_role=$this->role_model->get_role_info_by_id($arr_user['user_role_id']);
			// 记录角色的权限
        	$this->session->set_userdata('system_user_popedom',$user_role['role_popedom']);

        	// 更新时间和ip地址
        	$_update['user_login_time'] = date('Y-m-d H:i:s');
        	$_update['user_login_ip'] 	= $_SERVER['REMOTE_ADDR'];
        	
        	$this->user_model->update($_update,$arr_user['user_id']);

        	/**
		      * 记录正确【通过登录日志 登录成功】
		      */
			$_insert['log_user_name'] 	= $_POST['user_name'];
			$_insert['log_status'] 		= 1;
			$_insert['log_ip']			= $_SERVER['REMOTE_ADDR'];
			$_insert['log_time']		= date('Y-m-d H:i:s');
		    $this->login_model->insert($_insert);  
		    $this->sys_message->skip('登录后台成功！',base_url('admin'));
			return ;
		}
	}
}